Draft bill to penalise tech firms for refusing encryption order

US senators close to finalising draft bill that will penalise tech firms who refuse court orders over encrypted data

US Senators are reportedly close to finalising encryption legislation that could see tech firms penalised if they refuse a court order to help law enforcement unlock encrypted data.

The draft bill comes as Apple remains locked in a highly public battle with the US Department of Justice, after a US court ordered it to unlock the iPhone belonging to a terrorist involved in December’s shootings in San Bernardino, California.

The draft legislation, being proposed by senators Richard Burr and Dianne Feinstein, the leading Republicans and Democrats on the US Senate Intelligence Committee, could potentially see Apple hit with civil (not criminal) penalties such as contempt of court or fines.

According to sources quoted by Reuters, the draft bill could be introduced as soon as next week where it will be circulated among interested parties, before being officially introduced soon after.

No timetable for the legislation has been revealed, and the draft law would unlikely make it through the US House of Representatives. It should be noted that the US House of Representatives has previously strongly supported digital privacy in the wake of the NSA spying activities, as revealed by whistle-blower Edward Snowden.

But political pressure remains. President Obama has made no secret of the fact that he wants access to encrypted messages, and he has previously asked tech companies to allow the government to break that encryption when necessary.

Yet the White House was forced to back down after it became clear that the government would be strongly opposed by Silicon Valley.

Last June a number of leading technology companies including Google, Apple, IBM, Microsoft and Facebook wrote a strongly-worded open letter to President Obama, calling for him to respect the privacy rights of consumers by not weakening encryption systems.

On this side of the Atlantic, British prime minister David Cameron also wants an encryption back-door. But earlier this year, the Dutch government pledged not to weaken encryption by forcing technology companies to hand over encrypted communications to intelligence agencies.

Yet it is clear that politicians are facing calls from law enforcement officials over encryption.

The chief for Europol has previously said the increasing prevalence of encrypted internet communications presents a major difficulty for law-enforcement and national security efforts.

US law enforcement have also been clear that encryption can prevent the FBI and the Department of Homeland Security from examining data during investigations.

The leading counter-terrorism policeman in the UK has also previously said that some tech firms are helping militants avoid detection by developing systems that are “friendly to terrorists”.

Apple for its part continues to refuse to create a “back-door” to allow the FBI to access the phone data of the San Bernardino shooter Syed Rizwan Farook.

Edward Snowden meanwhile has recently described the FBI claim that it cannot unlock Farook’s iPhone as “bulls**t”.

And this week a US federal judge has rejected the US Department of Justice’s (DOJ) request for Apple to unlock an iPhone of an accused drug dealer, in a ruling that could have implications for the Farook court case.

The whole scenario harks back to 20 years ago when US law enforcement was demanding back-door encryption keys into networked servers, routers, switches and other kit to make it easier for them to access and farm data – which the major US kit suppliers complied with.